Senior Security Endpoint Engineer

Dragos
$130,000Remote

About The Position

The Senior Security Endpoint Engineer owns the full lifecycle of endpoint security and management across Dragos. This is a dual-mandate role: you're responsible for keeping endpoints secure and for making sure people can actually do their jobs. That means EDR coverage and detection fidelity matter just as much as patch compliance and deployment reliability — and staff experience is a first-class outcome alongside security posture. You'll operate at the intersection of security engineering and IT operations, collaborating closely with Infrastructure/Systems Engineering to ensure unified endpoint management doesn't create friction for the business. This isn't a pure security role — it owns the employee-facing endpoint experience end to end.

Requirements

  • 5–8 years of hands-on experience in endpoint security, endpoint management, or a combined security/IT operations role.
  • Deep working knowledge of EDR platforms: deployment, tuning, policy management, and incident response workflows.
  • Demonstrated experience managing endpoints across Windows, macOS, and Linux at scale.
  • Hands-on MDM administration experience (corporate devices and/or BYOD) across iOS and Android.
  • Practical experience with patch management programs including SLA definition, compliance tracking, and exception handling.
  • Proficiency with scripting and automation (PowerShell, Bash, Python, or equivalent) for endpoint management and operational workflows.
  • Familiarity with vulnerability management workflows and how endpoint patching integrates into the broader program.
  • Strong written communication skills — you can document a configuration decision and explain a security risk to a non-technical audience without losing accuracy in either case.

Responsibilities

  • Own the complete endpoint lifecycle including provisioning, configuration, enrollment, refresh, and decommissioning across all supported platforms while maintaining standard build configurations and baseline images.
  • Administer and optimize the endpoint detection and response (EDR) platform, including sensor deployment, detection tuning, and response policy optimization to reduce alert noise while preserving security effectiveness.
  • Lead endpoint-focused incident response activities including triage, containment, forensic data collection, and post-incident review; develop and maintain incident response runbooks for endpoint threat scenarios.
  • Establish and manage the endpoint patching program across operating systems and third-party software, define patch compliance SLAs by severity level, and coordinate patching efforts with Infrastructure and Systems Engineering teams.
  • Administer the mobile device management (MDM) platform for corporate and BYOD devices, manage mobile configuration profiles, compliance policies, and ensure mobile endpoint visibility within security tooling.
  • Act as the escalation point for complex endpoint issues beyond helpdesk capability, maintain user-facing documentation and guidance, and gather staff feedback to reduce unnecessary policy burden while preserving security controls.
  • Build and maintain endpoint automation for configuration management, compliance verification, remediation workflows, and reporting; evaluate new endpoint tools and capabilities and contribute endpoint-focused priorities to the security engineering roadmap.

Benefits

  • Competitive Equity Package
  • Comprehensive Benefits Plan
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service